On December 16, we were informed that someone had recently gained unauthorized access to a database of forum.ethereum.org. We immediately launched an in-depth investigation to determine the origin, nature and scope of this incident. Here is what we know:
- The information that was recently accessed is a backup of the database from April 2016 and contained information on 16.5K forum users.
- Disclosed information includes
- Messages, public and private
- IP addresses
- Username and email addresses
- Profile information
- Hashed passwords
- ~13K bcrypt hashes (salted)
- ~1.5K WordPress hashes (salted)
- ~2K accounts without passwords (federated login used)
- The attacker claims to be the same person or people who recently hacked Bo Shen.
- The attacker used social engineering to gain access to a mobile phone number, which allowed them to access other accounts, one of which had access to an old backup of the forum database.
We are taking the following measures:
- Forum users whose information may have been compromised by the leak will receive an e-mail with additional information.
- We have closed the unauthorized access points involved in the leak.
- We are applying stricter internal security guidelines, such as removing phone recovery numbers and using encryption for sensitive data.
- We are providing the email addresses that we believe were disclosed to https://haveibeenpwned.com, a service that helps communicate with affected users.
- We are resetting all forum passwords, effective immediately.
If you have been affected by the attack, we recommend that you do the following:
- Make sure your passwords are not reused between services. If you have reused your forum.ethereum.org password elsewhere, change it in those places.
In addition, we recommend this excellent blog article by Kraken, which provides useful information on how to protect yourself from these types of attacks.
We deeply regret that this incident has occurred and are working with internal diligence, as well as with external partners, to address the incident.
Questions can be addressed to security@ethereum.org.